32 matches found
EUVD-2008-6370
Malware in sbrugna...
EUVD-2015-7306
Malware in sbrugna...
EUVD-2015-5951
Malware in sbrugna...
refbase.vbi.vt.edu XSS vulnerability
Open Bug Bounty ID: OBB-448413 Description| Value ---|--- Affected Website:| refbase.vbi.vt.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
refbase.wsulibs.wsu.edu XSS vulnerability
Vulnerable URL: http://refbase.wsulibs.wsu.edu/yellowstone/error.php?errorNo=10%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
Web Reference Database Multiple Vulnerabilities
Reference Database is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:refbase:refbase";...
CVE-2015-7382
SQL injection vulnerability in install.php in Web Reference Database aka refbase through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009...
CVE-2015-7381
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...
CVE-2015-6012
Multiple open redirect vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or HTML via the 1 errorNo or 2 errorMsg parameter to error.php; the 3 viewType parameter to...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...
Sql injection
Multiple SQL injection vulnerabilities in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary SQL commands via 1 the where parameter to rss.php or 2 the sqlQuery parameter to search.php, a different issue than CVE-2015-7382...
CVE-2015-7383
Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the 1 adminUserName, 2 pathToMYSQL, 3 databaseStructureFile, or 4 pathToBibutils parameter t...
CVE-2015-7381
Web Reference Database (refbase)
CVE-2015-7383
The CVE-2015-7383 entries relate to Web Reference Database (refbase). Public docs confirm multiple cross-site scripting (XSS) vulnerabilities in refbase up to version 0.9.6 and bleeding-edge builds as of 2015-04-28. The root cause is likely insufficient input sanitization in parameters passed to ...
CVE-2015-6012
CVE-2015-6012 concerns Web Reference Database (refbase) open redirect via the referrer parameter. Connected sources confirm multiple open redirect vulnerabilities affecting refbase versions 0.9.6 and earlier, with exploitation enabling phishing by redirecting users to arbitrary sites. The core de...
CVE-2015-6007
Cross-site request forgery CSRF vulnerability in Web Reference Database aka refbase through 0.9.6 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2015-6007
CVE-2015-6007 concerns Web Reference Database (refbase) up to version 0.9.6, with multiple reported vulnerabilities in a single entry. Public sources document a CSRF flaw allowing attackers to hijack user sessions, and the consolidated OpenVAS entry lists additional issues in the same 0.9.6+ bran...
CVE-2015-7382
The connected documents confirm a SQL injection vulnerability in Web Reference Database (refbase) through version 0.9.6, exploitable via the defaultCharacterSet parameter in install.php, enabling remote execution of arbitrary SQL commands. This CVE is distinct from CVE-2015-6009 and is listed amo...
CVE-2015-6012
Multiple open redirect vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter...